--- linux-2.6.11-rc1/arch/i386/kernel/traps.c	2005-01-14 12:35:31 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/arch/i386/kernel/traps.c	2005-01-15 12:15:35 +0100
@@ -340,6 +342,7 @@ void die(const char * str, struct pt_reg
 	bust_spinlocks(0);
 	die.lock_owner = -1;
 	spin_unlock_irq(&die.lock);
+	vxh_dump_history();
 	if (in_interrupt())
 		panic("Fatal exception in interrupt");
 
--- linux-2.6.11-rc1/include/linux/net.h	2005-01-14 12:35:58 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/include/linux/net.h	2005-01-15 11:27:52 +0100
@@ -61,6 +61,8 @@ typedef enum {
 #define SOCK_ASYNC_NOSPACE	0
 #define SOCK_ASYNC_WAITDATA	1
 #define SOCK_NOSPACE		2
+#define SOCK_PASS_CRED		16
+#define SOCK_USER_SOCKET	17
 
 #ifndef ARCH_HAS_SOCKET_TYPES
 /** sock_type - Socket types
--- linux-2.6.11-rc1/include/linux/net.h	2005-01-14 12:35:58 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/include/linux/net.h	2005-01-15 11:27:52 +0100
@@ -111,7 +113,6 @@ struct socket {
 	struct sock		*sk;
 	wait_queue_head_t	wait;
 	short			type;
-	unsigned char		passcred;
 };
 
 struct vm_area_struct;
--- linux-2.6.11-rc1/include/net/af_unix.h	2004-10-23 05:06:24 +0200
+++ linux-2.6.11-rc1-vs1.9.4-rc2/include/net/af_unix.h	2005-01-15 11:27:52 +0100
@@ -11,9 +11,9 @@ extern rwlock_t unix_table_lock;
 
 extern atomic_t unix_tot_inflight;
 
-static inline struct sock *first_unix_socket(int *i)
+static inline struct sock *next_unix_socket_table(int *i)
 {
-	for (*i = 0; *i <= UNIX_HASH_SIZE; (*i)++) {
+	for ((*i)++; *i <= UNIX_HASH_SIZE; (*i)++) {
 		if (!hlist_empty(&unix_socket_table[*i]))
 			return __sk_head(&unix_socket_table[*i]);
 	}
--- linux-2.6.11-rc1/include/net/af_unix.h	2004-10-23 05:06:24 +0200
+++ linux-2.6.11-rc1-vs1.9.4-rc2/include/net/af_unix.h	2005-01-15 11:27:52 +0100
@@ -22,16 +22,19 @@ static inline struct sock *first_unix_so
 
 static inline struct sock *next_unix_socket(int *i, struct sock *s)
 {
-	struct sock *next = sk_next(s);
-	/* More in this chain? */
-	if (next)
-		return next;
-	/* Look for next non-empty chain. */
-	for ((*i)++; *i <= UNIX_HASH_SIZE; (*i)++) {
-		if (!hlist_empty(&unix_socket_table[*i]))
-			return __sk_head(&unix_socket_table[*i]);
-	}
-	return NULL;
+	do {
+		if (s)
+			s = sk_next(s);
+		if (!s)
+			s = next_unix_socket_table(i);
+	} while (s && !vx_check(s->sk_xid, VX_IDENT|VX_WATCH));
+	return s;
+}
+
+static inline struct sock *first_unix_socket(int *i)
+{
+	*i = 0;
+	return next_unix_socket(i, NULL);
 }
 
 #define forall_unix_sockets(i, s) \
--- linux-2.6.11-rc1/include/net/scm.h	2004-08-14 12:55:32 +0200
+++ linux-2.6.11-rc1-vs1.9.4-rc2/include/net/scm.h	2005-01-15 11:27:52 +0100
@@ -51,13 +51,13 @@ static __inline__ void scm_recv(struct s
 {
 	if (!msg->msg_control)
 	{
-		if (sock->passcred || scm->fp)
+		if (test_bit(SOCK_PASS_CRED, &sock->flags) || scm->fp)
 			msg->msg_flags |= MSG_CTRUNC;
 		scm_destroy(scm);
 		return;
 	}
 
-	if (sock->passcred)
+	if (test_bit(SOCK_PASS_CRED, &sock->flags))
 		put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(scm->creds), &scm->creds);
 
 	if (!scm->fp)
--- linux-2.6.11-rc1/include/net/sock.h	2004-12-25 01:55:30 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/include/net/sock.h	2005-01-15 11:27:52 +0100
@@ -110,6 +110,10 @@ struct sock_common {
 	struct hlist_node	skc_node;
 	struct hlist_node	skc_bind_node;
 	atomic_t		skc_refcnt;
+	xid_t			skc_xid;
+	struct vx_info		*skc_vx_info;
+	nid_t			skc_nid;
+	struct nx_info		*skc_nx_info;
 };
 
 /**
--- linux-2.6.11-rc1/include/net/sock.h	2004-12-25 01:55:30 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/include/net/sock.h	2005-01-15 11:27:52 +0100
@@ -191,6 +195,10 @@ struct sock {
 #define sk_node			__sk_common.skc_node
 #define sk_bind_node		__sk_common.skc_bind_node
 #define sk_refcnt		__sk_common.skc_refcnt
+#define sk_xid			__sk_common.skc_xid
+#define sk_vx_info		__sk_common.skc_vx_info
+#define sk_nid			__sk_common.skc_nid
+#define sk_nx_info		__sk_common.skc_nx_info
 	volatile unsigned char	sk_zapped;
 	unsigned char		sk_shutdown;
 	unsigned char		sk_use_write_queue;
--- linux-2.6.11-rc1/net/core/sock.c	2005-01-14 12:36:01 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/core/sock.c	2005-01-15 11:27:52 +0100
@@ -333,7 +334,10 @@ int sock_setsockopt(struct socket *sock,
 			break;
 
 		case SO_PASSCRED:
-			sock->passcred = valbool;
+			if (valbool)
+				set_bit(SOCK_PASS_CRED, &sock->flags);
+			else
+				clear_bit(SOCK_PASS_CRED, &sock->flags);
 			break;
 
 		case SO_TIMESTAMP:
--- linux-2.6.11-rc1/net/core/sock.c	2005-01-14 12:36:01 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/core/sock.c	2005-01-15 11:27:52 +0100
@@ -557,7 +561,7 @@ int sock_getsockopt(struct socket *sock,
 			break; 
 
 		case SO_PASSCRED:
-			v.val = sock->passcred;
+			v.val = test_bit(SOCK_PASS_CRED, &sock->flags)?1:0;
 			break;
 
 		case SO_PEERCRED:
--- linux-2.6.11-rc1/net/core/sock.c	2005-01-14 12:36:01 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/core/sock.c	2005-01-15 11:27:52 +0100
@@ -632,6 +636,8 @@ struct sock *sk_alloc(int family, int pr
 			sock_lock_init(sk);
 		}
 		sk->sk_slab = slab;
+		sock_vx_init(sk);
+		sock_nx_init(sk);
 		
 		if (security_sk_alloc(sk, family, priority)) {
 			kmem_cache_free(slab, sk);
--- linux-2.6.11-rc1/net/core/sock.c	2005-01-14 12:36:01 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/core/sock.c	2005-01-15 11:27:52 +0100
@@ -662,6 +668,8 @@ void sk_free(struct sock *sk)
 		       __FUNCTION__, atomic_read(&sk->sk_omem_alloc));
 
 	security_sk_free(sk);
+	BUG_ON(sk->sk_vx_info);
+	BUG_ON(sk->sk_nx_info);
 	kmem_cache_free(sk->sk_slab, sk);
 	module_put(owner);
 }
--- linux-2.6.11-rc1/net/core/sock.c	2005-01-14 12:36:01 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/core/sock.c	2005-01-15 11:27:52 +0100
@@ -1208,6 +1216,11 @@ void sock_init_data(struct socket *sock,
 	sk->sk_stamp.tv_sec     = -1L;
 	sk->sk_stamp.tv_usec    = -1L;
 
+	sk->sk_vx_info		=	NULL;
+	sk->sk_xid		=	0;
+	sk->sk_nx_info		=	NULL;
+	sk->sk_nid		=	0;
+
 	atomic_set(&sk->sk_refcnt, 1);
 }
 
--- linux-2.6.11-rc1/net/netlink/af_netlink.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/netlink/af_netlink.c	2005-01-15 11:27:52 +0100
@@ -361,6 +364,12 @@ static int netlink_create(struct socket 
 	init_waitqueue_head(&nlk->wait);
 	sk->sk_destruct = netlink_sock_destruct;
 
+	set_vx_info(&sk->sk_vx_info, current->vx_info);
+	sk->sk_xid = vx_current_xid();
+	vx_sock_inc(sk);
+	set_nx_info(&sk->sk_nx_info, current->nx_info);
+	sk->sk_nid = nx_current_nid();
+
 	sk->sk_protocol = protocol;
 	return 0;
 }
--- linux-2.6.11-rc1/net/netlink/af_netlink.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/netlink/af_netlink.c	2005-01-15 11:27:52 +0100
@@ -402,6 +411,12 @@ static int netlink_release(struct socket
 		notifier_call_chain(&netlink_chain, NETLINK_URELEASE, &n);
 	}	
 	
+	vx_sock_dec(sk);
+	clr_vx_info(&sk->sk_vx_info);
+	sk->sk_xid = -1;
+	clr_nx_info(&sk->sk_nx_info);
+	sk->sk_nid = -1;
+
 	sock_put(sk);
 	return 0;
 }
--- linux-2.6.11-rc1/net/socket.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/socket.c	2005-01-15 11:27:52 +0100
@@ -287,7 +288,7 @@ static struct inode *sock_alloc_inode(st
 	ei->socket.ops = NULL;
 	ei->socket.sk = NULL;
 	ei->socket.file = NULL;
-	ei->socket.passcred = 0;
+	ei->socket.flags = 0;
 
 	return &ei->vfs_inode;
 }
--- linux-2.6.11-rc1/net/socket.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/socket.c	2005-01-15 11:27:52 +0100
@@ -531,7 +532,7 @@ static inline int __sock_sendmsg(struct 
 				 struct msghdr *msg, size_t size)
 {
 	struct sock_iocb *si = kiocb_to_siocb(iocb);
-	int err;
+	int err, len;
 
 	si->sock = sock;
 	si->scm = NULL;
--- linux-2.6.11-rc1/net/socket.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/socket.c	2005-01-15 11:27:52 +0100
@@ -542,7 +543,21 @@ static inline int __sock_sendmsg(struct 
 	if (err)
 		return err;
 
-	return sock->ops->sendmsg(iocb, sock, msg, size);
+	len = sock->ops->sendmsg(iocb, sock, msg, size);
+	if (sock->sk) {
+		if (len == size)
+			vx_sock_send(sock->sk, size);
+		else
+			vx_sock_fail(sock->sk, size);
+	}
+	vxdprintk(VXD_CBIT(net, 7),
+		"__sock_sendmsg: %p[%p,%p,%p;%d]:%d/%d",
+		sock, sock->sk,
+		(sock->sk)?sock->sk->sk_nx_info:0,
+		(sock->sk)?sock->sk->sk_vx_info:0,
+		(sock->sk)?sock->sk->sk_xid:0,
+		(unsigned int)size, len);
+	return len;
 }
 
 int sock_sendmsg(struct socket *sock, struct msghdr *msg, size_t size)
--- linux-2.6.11-rc1/net/socket.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/socket.c	2005-01-15 11:27:52 +0100
@@ -580,7 +595,7 @@ int kernel_sendmsg(struct socket *sock, 
 static inline int __sock_recvmsg(struct kiocb *iocb, struct socket *sock, 
 				 struct msghdr *msg, size_t size, int flags)
 {
-	int err;
+	int err, len;
 	struct sock_iocb *si = kiocb_to_siocb(iocb);
 
 	si->sock = sock;
--- linux-2.6.11-rc1/net/socket.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/socket.c	2005-01-15 11:27:52 +0100
@@ -593,7 +608,17 @@ static inline int __sock_recvmsg(struct 
 	if (err)
 		return err;
 
-	return sock->ops->recvmsg(iocb, sock, msg, size, flags);
+	len = sock->ops->recvmsg(iocb, sock, msg, size, flags);
+	if ((len >= 0) && sock->sk)
+		vx_sock_recv(sock->sk, len);
+	vxdprintk(VXD_CBIT(net, 7),
+		"__sock_recvmsg: %p[%p,%p,%p;%d]:%d/%d",
+		sock, sock->sk,
+		(sock->sk)?sock->sk->sk_nx_info:0,
+		(sock->sk)?sock->sk->sk_vx_info:0,
+		(sock->sk)?sock->sk->sk_xid:0,
+		(unsigned int)size, len);
+	return len;
 }
 
 int sock_recvmsg(struct socket *sock, struct msghdr *msg, 
--- linux-2.6.11-rc1/net/socket.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/socket.c	2005-01-15 11:27:52 +0100
@@ -1085,6 +1110,10 @@ static int __sock_create(int family, int
 	if (type < 0 || type >= SOCK_MAX)
 		return -EINVAL;
 
+	/* disable IPv6 inside vservers for now */
+	if (family == PF_INET6 && !vx_check(0, VX_ADMIN))
+		return -EAFNOSUPPORT;
+
 	/* Compatibility.
 
 	   This uglymoron is moved from INET layer to here to avoid
--- linux-2.6.11-rc1/net/socket.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/socket.c	2005-01-15 11:27:52 +0100
@@ -1192,6 +1221,7 @@ asmlinkage long sys_socket(int family, i
 	if (retval < 0)
 		goto out;
 
+	set_bit(SOCK_USER_SOCKET, &sock->flags);
 	retval = sock_map_fd(sock);
 	if (retval < 0)
 		goto out_release;
--- linux-2.6.11-rc1/net/socket.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/socket.c	2005-01-15 11:27:52 +0100
@@ -1222,10 +1252,12 @@ asmlinkage long sys_socketpair(int famil
 	err = sock_create(family, type, protocol, &sock1);
 	if (err < 0)
 		goto out;
+	set_bit(SOCK_USER_SOCKET, &sock1->flags);
 
 	err = sock_create(family, type, protocol, &sock2);
 	if (err < 0)
 		goto out_release_1;
+	set_bit(SOCK_USER_SOCKET, &sock2->flags);
 
 	err = sock1->ops->socketpair(sock1, sock2);
 	if (err < 0) 
--- linux-2.6.11-rc1/net/unix/af_unix.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/unix/af_unix.c	2005-01-15 11:27:52 +0100
@@ -394,6 +397,9 @@ static int unix_release_sock (struct soc
 		mntput(mnt);
 	}
 
+	vx_sock_dec(sk);
+	clr_vx_info(&sk->sk_vx_info);
+	clr_nx_info(&sk->sk_nx_info);
 	sock_put(sk);
 
 	/* ---- Socket is dead now and most probably destroyed ---- */
--- linux-2.6.11-rc1/net/unix/af_unix.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/unix/af_unix.c	2005-01-15 11:27:52 +0100
@@ -550,6 +556,11 @@ static struct sock * unix_create1(struct
 	sock_init_data(sock,sk);
 	sk_set_owner(sk, THIS_MODULE);
 
+	set_vx_info(&sk->sk_vx_info, current->vx_info);
+	sk->sk_xid = vx_current_xid();
+	vx_sock_inc(sk);
+	set_nx_info(&sk->sk_nx_info, current->nx_info);
+
 	sk->sk_write_space	= unix_write_space;
 	sk->sk_max_ack_backlog	= sysctl_unix_max_dgram_qlen;
 	sk->sk_destruct		= unix_sock_destructor;
--- linux-2.6.11-rc1/net/unix/af_unix.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/unix/af_unix.c	2005-01-15 11:27:52 +0100
@@ -861,7 +872,7 @@ static int unix_dgram_connect(struct soc
 			goto out;
 		alen = err;
 
-		if (sock->passcred && !unix_sk(sk)->addr &&
+		if (test_bit(SOCK_PASS_CRED, &sock->flags) && !unix_sk(sk)->addr &&
 		    (err = unix_autobind(sock)) != 0)
 			goto out;
 
--- linux-2.6.11-rc1/net/unix/af_unix.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/unix/af_unix.c	2005-01-15 11:27:52 +0100
@@ -952,7 +963,8 @@ static int unix_stream_connect(struct so
 		goto out;
 	addr_len = err;
 
-	if (sock->passcred && !u->addr && (err = unix_autobind(sock)) != 0)
+	if (test_bit(SOCK_PASS_CRED, &sock->flags)
+		&& !u->addr && (err = unix_autobind(sock)) != 0)
 		goto out;
 
 	timeo = sock_sndtimeo(sk, flags & O_NONBLOCK);
--- linux-2.6.11-rc1/net/unix/af_unix.c	2005-01-14 12:36:02 +0100
+++ linux-2.6.11-rc1-vs1.9.4-rc2/net/unix/af_unix.c	2005-01-15 11:27:52 +0100
@@ -1286,7 +1298,8 @@ static int unix_dgram_sendmsg(struct kio
 			goto out;
 	}
 
-	if (sock->passcred && !u->addr && (err = unix_autobind(sock)) != 0)
+	if (test_bit(SOCK_PASS_CRED, &sock->flags)
+		&& !u->addr && (err = unix_autobind(sock)) != 0)
 		goto out;
 
 	err = -EMSGSIZE;